CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

OSV•added 2018/10/11 9:1 p.m.•1 views

CVE-2018-18257

An issue was discovered in BageCMS 3.1.3. An attacker can delete any files and folders on the web server via an index.php?r=admini/template/batch&command=deleteFile&fileName= or index.php?r=admini/template/batch&command=deleteFolder&folderName=../ directory traversal URI...

7.5CVSS5.8AI score0.00336EPSS

Exploits1References1

CVE•added 2018/10/11 8:0 p.m.•37 views

CVE-2018-18257

CVE-2018-18257 affects BageCMS 3.1.3. The issue is a directory-traversal in the admin template batch deleteFile/deleteFolder endpoints (index.php?r=admini/template/batch&command=deleteFile&fileName=… or &command=deleteFolder&folderName=..…), allowing an attacker to delete arbitrary files and fold...

7.5CVSS7.5AI score0.00336EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by